Skip to content

gabe-terrell/Web-Programming-Portfolio

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Portfolio for COMP 20: Introduction to Web Programming

This repository is a collection of assignments and laboratories performed over the course of the semester for COMP 20.

My favorite assignment in this repository is the Marauder's Map (/mmap). I liked it because it combined two very important concepts of web programming (using AJAX to grab and post data to other servers or backends and how to use APIs) to create a very cool-looking final product. The assignment makes me think of somethign someone would do in a Hackathon: plot a really weird idea, look up some APIs that would support the idea, and try to hash out a prototype. It was a very real assignment.

I think I have grown over the course of this semester to really start to branch out and use APIs and libraries used by other people. Before day 1, I was always daunted at Hackathons by the sheer amount of overhead to look a new API or framework and try to digest and use it over the course of 24 hours; I always felt like it was too much to handle. Now that I have done several hands-on projects that do just that, I have come to learn that it is much simpler to dive into than I originally thought. I am really excited to take these new found skills of diving into APIs and framework and really test out my ability to do so in future hackathons or projects.

The most important thing I have learned in this course is to never trust user input. You can't build a website off of the way you expect people to use it. Whether people are trying to malicously use your site or naively did something you didn't expect, websites can break in numerous different ways if you're not careful. A key example of this was when we developed our backends for the Marauder's Map. We had designed the backend to simply accept data, trusting the user was going to send proper data as requested. As we learned in assignment 4, however, this is not the case: never trust user input. Users could easily manipulate our backends for XSS exploitation as well as numerous other exploits. Another, less malicous example stems from our final project. When inputting a new event, a simple formatting error by the user (even a harmless one that was simply a mistake in typing) can break our entire calendar API when it tries to parse through the ill-formed data. For every form of input the user gives, there must be a numerous amount of checks. "Never trust user input.... never trust user input."

Now that I have finished this course, I would really like to delve deeper into backend programming. We got a small taste of it with NodeJS, but I feel that it was only the tip of the iceberg. There is still a lot that we don't know how to do in the backend, and that's where a lot of the magic in the internet happens. I'd be interested in exploring a new framework like Django or Rails and see how they compare (discover the tradeoffs of each).

About

COMP 20 Spring 2015 Project Portfolio

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors